top of page

How is repup complying with GDPR

As the single largest data protection act approaches, we at RepUp are working day and night to make sure our data storing and handling processes are up to the industry standard. In short, we can explain GDPR as certain guidelines and newly laid out laws on how to process personal data of EU residents. Failing to oblige by such laws will have fines and legal consequences, which is why we are overhauling our data management processes to comply with the new GDPR ( General Data Protection Regulation).

In this article, we are going to discuss some certain steps that we have taken to ensure we are on the right side of the law. They are as following –

Data Control

Controlling the data flow of the users and making sure it doesn’t end up anywhere else but in the hands of the Hotels, is an essential part of the GDPR. We at RepUp have effectively upgraded our data management processes as per the latest norms set by the EU GDPR authority.

Data Security

Data security is the most important aspect of GDPR. It is to make sure that personal data of EU residents are protected from the non-consensual usage of data. We have updated our security protocols accordingly to ensure there are no breaches.

Right to Consent

Right to consent is another important part of the GDPR act. In a simplistic way, we can break it down to — the hotels must give utmost priority to guest consent before processing and storing their data. RepUp has introduced a number of upgrades in order to execute the consent collection process according to GDPR.

For example – We have introduced a double opt-in mechanism in emails for our marketing module. What is double opt-in? A double opt-in email is just like any email based newsletter where people can sign-up through the Internet either on a webpage or by sending an email to the management software. What makes an email list “double opt-in” is that any person who subscribes to it must confirm their request twice.

Breach Notification

Lastly, one of the most important aspects of GDPR is the breach notification protocol. EU authorities have laid down an elaborate plan about what to do in case of a data security breach. It consists of putting up a team to investigate the reason for the breach and notifying the EU authorities and the guests about such.

In order to become GDPR compliant, we have updated our Data Processing Agreement (DPA). Our new DPA will be incorporated in the terms and conditions that are already in service. Along with this, we are also planning to change our privacy policy as GDPR. There will be more changes to come and more updates to be done, once GDPR gets in to effect. We at Repup are determined to make changes accordingly and help our clients go through the initial troubling months of the GDPR.

16 views0 comments


bottom of page